package cn.yunhe.insurance.config;

import cn.yunhe.insurance.realms.UserLoginRealm;
import org.apache.shiro.authc.Authenticator;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.authz.Authorizer;
import org.apache.shiro.authz.ModularRealmAuthorizer;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.ArrayList;
import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.List;


/**
 * shiro的配置类
 * @author sujin
 *
 */

@Configuration
public class ShiroConfig {

    @Bean
    public ShiroFilterFactoryBean shiroFilter(SecurityManager  securityManager) {
        ShiroFilterFactoryBean bean=new ShiroFilterFactoryBean();
        bean.setSecurityManager(securityManager);
       // bean.setLoginUrl("/login.html");
        bean.setUnauthorizedUrl("/404.html");
        LinkedHashMap hashMap=new LinkedHashMap<>();
        hashMap.put("/login.html","anon");
        hashMap.put("/css/**","anon");
        hashMap.put("/fonts/**","anon");
        hashMap.put("/images/**","anon");
        hashMap.put("/js/**","anon");
        hashMap.put("/layui-util/**","anon");
        hashMap.put("/emp/verifyCode","anon");
        hashMap.put("/emp/getInfo","anon");
        hashMap.put("/registration.html","anon");
        hashMap.put("/updatePWD.html","anon");
        hashMap.put("/emp/login","anon");
        hashMap.put("/emp/updatePassword","anon");
        hashMap.put("/emp/getVeryCode","anon");
        hashMap.put("/role/getP","anon");
        hashMap.put("/**","authc");
        bean.setFilterChainDefinitionMap(hashMap);
        return bean;
    }


/**
     * 身份认证realm; (这个需要自己写，账号密码校验；权限等)
     * @return
     */


    @Bean
    public UserLoginRealm userLoginRealm() {
        UserLoginRealm userLoginRealm = new UserLoginRealm();
        HashedCredentialsMatcher hashedCredentialsMatcher=new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashAlgorithmName("MD5");
        hashedCredentialsMatcher.setHashIterations(1024);
        userLoginRealm.setCredentialsMatcher(hashedCredentialsMatcher);
        return userLoginRealm;
    }

    @Bean("authorizer")
    public Authorizer authorizer(UserLoginRealm  userLoginRealm) {
        ModularRealmAuthorizer authorizer = new ModularRealmAuthorizer();
        List list=new ArrayList();
        list.add(userLoginRealm);
        authorizer.setRealms(list);
        return authorizer;
    }
    @Bean("authenticator")
    public Authenticator authenticator(UserLoginRealm userLoginRealm) {
        ModularRealmAuthenticator authenticator = new ModularRealmAuthenticator();
        List list=new ArrayList();
        list.add(userLoginRealm);
        authenticator.setRealms(list);
        return authenticator;
    }

    //配置核心安全事务管理器
    @Bean
    public SecurityManager securityManager( Authorizer authorizer ,Authenticator authenticator) {
        DefaultWebSecurityManager manager=new DefaultWebSecurityManager();
        manager.setAuthorizer(authorizer);
        manager.setAuthenticator(authenticator);
        return manager;
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor( SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor advisor=new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }


    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){
        return new LifecycleBeanPostProcessor();
    }

    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator(){
        DefaultAdvisorAutoProxyCreator creator=new DefaultAdvisorAutoProxyCreator();
        creator.setProxyTargetClass(true);
        return creator;
    }

}

